Static task: static1
Behavioral task: behavioral1
Sample: 0985af8e031097828cbe282b104fde6c_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0985af8e031097828cbe282b104fde6c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0985af8e031097828cbe282b104fde6c_JaffaCakes118
Size: 440KB
MD5: 0985af8e031097828cbe282b104fde6c
SHA1: ac382db5516df5954791f6fa5c2ea9c1f1e09c92
SHA256: 1a445a22d3828458ca1387bca025fa89ac613707ae6d3236c3b804ea5dd58416
SHA512: 2e98d44f9014af8a81ed064734cf103000183b8664b03cdd30137d2f134b644d956ff0fd4abbe1b72bc262fc8a2dbcbc60cc775d64baa64b70eb4cb291992f17
SSDEEP: 12288:lwH4ngpw5GVQKH/Evpb1vAZ8genfSdOwaBdnUzxkiA:lwYnRq/+p54Eqdqq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0985af8e031097828cbe282b104fde6c_JaffaCakes118
Files
0985af8e031097828cbe282b104fde6c_JaffaCakes118.exe windows:4 windows x86 arch:x86
a0a8f25c0e5e61be16d08ff3c95d09be
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedIncrement
OutputDebugStringA
SetFilePointer
EnterCriticalSection
GetProcAddress
SetHandleCount
HeapReAlloc
SetStdHandle
FlushFileBuffers
InitializeCriticalSection
GetCurrentProcessId
HeapAlloc
WriteFileEx
GetLastError
UnhandledExceptionFilter
GetModuleHandleA
SetLastError
InitializeCriticalSectionAndSpinCount
CreateToolhelp32Snapshot
TlsSetValue
GetStdHandle
LCMapStringW
FreeEnvironmentStringsW
LCMapStringA
TlsAlloc
HeapCreate
HeapDestroy
GetCommandLineW
GetTimeFormatA
ExitProcess
GetTickCount
GetProcAddress
LeaveCriticalSection
HeapFree
GetCurrentThread
GetModuleFileNameA
IsBadReadPtr
LoadLibraryA
QueryPerformanceCounter
GetCommandLineA
VirtualAlloc
GetExitCodeThread
FreeEnvironmentStringsA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetEnvironmentStrings
GetOEMCP
GetStringTypeW
VirtualFree
SetComputerNameA
SetConsoleCtrlHandler
GetACP
GetSystemTimeAsFileTime
GetEnvironmentStringsW
DebugBreak
CreateProcessA
GetFileType
GetStartupInfoA
CloseHandle
WriteFile
TlsFree
IsBadWritePtr
GetProfileSectionW
GetStringTypeA
WideCharToMultiByte
SetLocaleInfoW
MultiByteToWideChar
DeleteCriticalSection
GetVersion
GetComputerNameA
InterlockedExchange
InterlockedDecrement
HeapValidate
GetCPInfo
TlsGetValue
advapi32
RegQueryInfoKeyA
CryptSetProviderA
CryptHashSessionKey
LookupSecurityDescriptorPartsA
CryptDeriveKey
CryptGetHashParam
CryptDuplicateKey
RevertToSelf
RegLoadKeyW
RegEnumKeyW
Sections
.text Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 276KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ